Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-01-2021
Ran by yannis (12-01-2021 08:33:04)
Running from C:\Users\yannis\Downloads
Windows 10 Home Version 2004 19041.685 (X64) (2020-08-29 18:10:36)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrateur (S-1-5-21-467671635-455615153-3267154022-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-467671635-455615153-3267154022-503 - Limited - Disabled)
Invité (S-1-5-21-467671635-455615153-3267154022-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-467671635-455615153-3267154022-504 - Limited - Disabled)
yannis (S-1-5-21-467671635-455615153-3267154022-1002 - Administrator - Enabled) => C:\Users\yannis

==================== Security Center ========================

(If an entry is included in the fixlist.txt file, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: Pare-feu McAfee (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

==================== Installed Programs ======================

(Only adware programs flagged as 'Hidden' can be added to the fixlist.txt file so that they are no longer hidden. Adware programs must be uninstalled manually.)

Actiona 3.10.0-windows (64 bits) (HKLM\...\{098CDAF9-5A9B-4731-9F3C-F3F1DF7490C2}_is1) (Version: 3.10.0-windows - Actiona.tools)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\{9D569A6E-C9DF-490E-93E0-7AFD28D1F9BB}) (Version: 20.23.401.14519 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{9D569A6E-C9DF-490E-93E0-7AFD28D1F9BB}) (Version: 20.23.401.14519 - Alcor Micro Corp.)
Assistant Mise à jour de Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22899 - Microsoft Corporation)
ASUS Device Activation (HKLM-x32\...\{9C4B0706-9F9A-47BF-B417-0A111FC52B04}) (Version: 1.0.4.0 - ASUSTeK COMPUTER INC.)
ASUS GiftBox Service (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 3.2.1.0 - ASUSTeK COMPUTER INC.)
ASUS Hello (HKLM-x32\...\{D8CE1923-92A9-4036-817E-9E0D8AA2169B}) (Version: 1.1.0 - ASUSTeK COMPUTER INC.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.6.8 - ASUSTeK COMPUTER INC.)
ASUS PTP Driver (HKLM-x32\...\{7618E419-9124-4E6C-9AF4-487A6DDEC1C5}) (Version: 11.0.18 - ASUS)
ASUS ZenAnywhere (HKLM\...\{EE18BAB5-35F1-44B4-A6DE-C9D4B434322F}) (Version: 4.6.0 - Orbweb Inc.) Hidden
ASUS ZenAnywhere (HKLM-x32\...\ASUS ZenAnywhere 4.6.0) (Version: 4.6.0 - Orbweb Inc.)
ATK Package (ASUS Keyboard Hotkeys) (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0060 - ASUSTeK COMPUTER INC.)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.5.34 - ICEpower a/s)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Désinstallation de l'imprimante EPSON ET-2650 Series (HKLM\...\EPSON ET-2650 Series) (Version: - Seiko Epson Corporation)
Discord (HKU\S-1-5-21-467671635-455615153-3267154022-1002\...\Discord) (Version: 0.0.309 - Discord Inc.)
ELAN FingerPrint (HKLM\...\ElanFP) (Version: 1.5.12.1101 - ELAN Microelectronic Corp.)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 87.0.4280.141 - Google LLC)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10205.4743 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000030-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.30.0 - Intel Corporation)
LibreOffice 6.4.3.2 (HKLM\...\{E95546E2-BAB2-4E42-97AB-BC7D497D405F}) (Version: 6.4.3.2 - The Document Foundation)
Logiciel Intel® PROSet/Wireless (HKLM-x32\...\{d5c53162-d8b4-4547-8a40-917a25c0172e}) (Version: 20.60.0 - Intel Corporation)
McAfee® Total Protection (HKLM-x32\...\MSC) (Version: 16.0 R29 - McAfee, LLC)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.75 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.65 - )
Microsoft OneDrive (HKU\S-1-5-21-467671635-455615153-3267154022-1002\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
netcut version 3.0.129 (HKLM-x32\...\{6BE5152F-0885-4AA5-8385-4AD2D8472C71}_is1) (Version: 3.0.129 - arcai.com)
ProtonVPN (HKLM-x32\...\{8E673874-08E0-4E17-A884-1FE30CB61B0D}) (Version: 1.17.2 - Proton Technologies AG) Hidden
ProtonVPN (HKLM-x32\...\ProtonVPN 1.17.2) (Version: 1.17.2 - Proton Technologies AG)
ProtonVPNTap (HKLM-x32\...\{BCB82CD9-F514-4F93-A6D9-F898494DC927}) (Version: 1.1.0 - Proton Technologies AG)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8858.1 - Realtek Semiconductor Corp.)
Realtek USB Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{04201224-2B34-4EE7-862B-B7BBF89DB3AB}) (Version: 10.10.713.2016 - Realtek)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{3BAE4496-6F6C-4330-A8AA-B93D3D346FA5}) (Version: 2.53.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F49D6A65-1AB6-4728-9FDA-DB5BAB631CF6}) (Version: 1.23.0.0 - Microsoft Corporation) Hidden
Windows Driver Package - ASUS (AsusPTPDrv) HIDClass (04/21/2017 11.0.0.16) (HKLM\...\7517F958DC823EE4C12050C16EFF05886960ABEF) (Version: 04/21/2017 11.0.0.16 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.2.7 - ASUSTeK COMPUTER INC.)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Wondershare Dr.Fone (Version 10.7.2) (HKLM-x32\...\{E8F86DA8-B8E4-42C7-AFD4-EBB692AC43FD}_is1) (Version: 10.7.2.75 - Wondershare Technology Co.,Ltd.)

Packages:
=========
ASUS Battery Health Charging -> C:\Program Files\WindowsApps\B9ECED6F.ASUSBatteryHealthCharging_1.0.7.0_x86__qmba6cd70vzyy [2019-06-14] (ASUSTeK COMPUTER INC.) [Startup Task]
ASUS GIFTBOX -> C:\Program Files\WindowsApps\B9ECED6F.ASUSGIFTBOX_3.1.9.0_x64__qmba6cd70vzyy [2020-11-12] (ASUSTeK COMPUTER INC.)
ASUS Product Registration Program -> C:\Program Files\WindowsApps\B9ECED6F.ASUSProductRegistrationProgram_3.0.3.0_x86__qmba6cd70vzyy [2019-07-13] (ASUSTeK COMPUTER INC.) [Startup Task]
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.49.2.0_x86__kgqvnymyfvs32 [2020-12-15] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1930.2.0_x86__kgqvnymyfvs32 [2021-01-04] (king.com)
eManual -> C:\Program Files\WindowsApps\B9ECED6F.eManual_2.0.3.0_x86__qmba6cd70vzyy [2019-06-14] (ASUSTeK COMPUTER INC.)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.2.0_neutral__8xx8rvfyw5nnt [2020-04-01] (Instagram)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-07-13] (LinkedIn)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.13530.20316.0_x86__8wekyb3d8bbwe [2021-01-11] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-13] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.13530.20316.0_x86__8wekyb3d8bbwe [2021-01-11] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.13530.20316.0_x86__8wekyb3d8bbwe [2021-01-11] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13530.20316.0_x86__8wekyb3d8bbwe [2021-01-11] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.13530.20316.0_x86__8wekyb3d8bbwe [2021-01-11] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.13530.20316.0_x86__8wekyb3d8bbwe [2021-01-11] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-25] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.13530.20316.0_x86__8wekyb3d8bbwe [2021-01-11] (Microsoft Corporation)
MyASUS-Service Center -> C:\Program Files\WindowsApps\B9ECED6F.MyASUS_3.3.11.0_x86__qmba6cd70vzyy [2019-07-13] (ASUSTeK COMPUTER INC.) [Startup Task]
Splendid -> C:\Program Files\WindowsApps\B9ECED6F.Splendid_1.0.15.0_x64__qmba6cd70vzyy [2020-04-01] (ASUSTeK COMPUTER INC.) [Startup Task]
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0 [2020-12-13] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-11-04] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_baab50003164cdd5\igfxDTCM.dll [2020-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-11-04] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-08-26] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-08-19 13:44 - 2020-08-19 13:44 - 000219935 _____ () [Fichier non signé] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\liblzo2-2.dll
2020-08-19 13:44 - 2020-08-19 13:44 - 000119167 _____ () [Fichier non signé] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\libpkcs11-helper-1.dll
2020-04-07 17:55 - 2020-04-07 17:55 - 000069120 _____ (Python Software Foundation) [Fichier non signé] C:\Program Files\LibreOffice\program\python-core-3.7.7\lib\_socket.pyd
2020-04-07 17:55 - 2020-04-07 17:55 - 000019456 _____ (Python Software Foundation) [Fichier non signé] C:\Program Files\LibreOffice\program\python-core-3.7.7\lib\select.pyd
2020-04-07 18:00 - 2020-04-07 18:00 - 000518656 _____ (The Document Foundation) [Fichier non signé] C:\Program Files\LibreOffice\program\pyuno.pyd
2020-08-19 13:44 - 2020-08-19 13:44 - 003310439 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\libcrypto-1_1-x64.dll
2020-08-19 13:44 - 2020-08-19 13:44 - 000848307 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [Fichier non signé] C:\Program Files (x86)\Proton Technologies\ProtonVPN\Resources\64-bit\libssl-1_1-x64.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-467671635-455615153-3267154022-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus17win10.msn.com/?pc=ASTE
HKU\S-1-5-21-467671635-455615153-3267154022-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-11-04] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-11-04] (McAfee, LLC -> McAfee, LLC)

==================== Hosts content: =========================

(If needed, the Hosts: directive can be included in the fixlist.txt file to reset the hosts file.)

2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently, there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files\Actiona
HKU\S-1-5-21-467671635-455615153-3267154022-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\asus\wallpapers\asus.jpg
DNS Servers: 10.81.0.1 - 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Le Pare-feu est activé.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist.txt file, it will be removed.)

HKLM\...\StartupApproved\Run: => "EPPCCMON"
HKU\S-1-5-21-467671635-455615153-3267154022-1002\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-467671635-455615153-3267154022-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-467671635-455615153-3267154022-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-467671635-455615153-3267154022-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-467671635-455615153-3267154022-1002\...\StartupApproved\Run: => "Adaware Protect"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

FirewallRules: [{1E24454D-9B77-4149-BD28-06452B93C2F7}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{B35FB04B-7DD1-441B-8572-7EAE58266ECC}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{5B73A754-1F82-4D92-A9CE-1E2025474E04}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe => Pas de fichier
FirewallRules: [TCP Query User{72D9C81D-5323-44CE-9DFF-76CAE97131F0}C:\program files (x86)\look@lan\lookatlan.exe] => (Allow) C:\program files (x86)\look@lan\lookatlan.exe => Pas de fichier
FirewallRules: [UDP Query User{C11933D4-D983-4879-9B05-6B226E31927A}C:\program files (x86)\look@lan\lookatlan.exe] => (Allow) C:\program files (x86)\look@lan\lookatlan.exe => Pas de fichier
FirewallRules: [TCP Query User{D2A68565-41E7-4A53-B4CD-FF24F813A679}C:\program files (x86)\look@lan\lookathost.exe] => (Allow) C:\program files (x86)\look@lan\lookathost.exe => Pas de fichier
FirewallRules: [UDP Query User{7CA81450-9984-47C0-BDB5-6B83502DC33B}C:\program files (x86)\look@lan\lookathost.exe] => (Allow) C:\program files (x86)\look@lan\lookathost.exe => Pas de fichier
FirewallRules: [{34CC8515-36D5-4BDB-8E48-6F9AD437F17C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{76348361-C470-45BC-BDCC-83261211104F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{B40AD529-DC6D-4909-A359-B45F96A5E42B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{AE78D046-24E3-424B-A205-622D4B0B895E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{903BE684-0553-4EFE-A2FF-C5B89FC6D8E9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{D19F8EAE-F121-4016-8A85-FD00015BE9F1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [TCP Query User{50EE90EA-91C8-4458-9F7D-6A28C5F788BC}C:\users\yannis\appdata\local\temp\rar$exa8412.19241\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe] => (Allow) C:\users\yannis\appdata\local\temp\rar$exa8412.19241\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe => Pas de fichier
FirewallRules: [UDP Query User{3A28C78F-8E72-4350-95DA-D7A1307974B0}C:\users\yannis\appdata\local\temp\rar$exa8412.19241\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe] => (Allow) C:\users\yannis\appdata\local\temp\rar$exa8412.19241\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe => Pas de fichier
FirewallRules: [TCP Query User{33554661-1C75-4994-9E57-A9793D099C67}C:\users\yannis\appdata\local\temp\rar$exa7764.38981\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe] => (Allow) C:\users\yannis\appdata\local\temp\rar$exa7764.38981\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe => Pas de fichier
FirewallRules: [UDP Query User{F570E6B9-9321-4644-8AC4-FA5FF2223ED1}C:\users\yannis\appdata\local\temp\rar$exa7764.38981\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe] => (Allow) C:\users\yannis\appdata\local\temp\rar$exa7764.38981\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe => Pas de fichier
FirewallRules: [TCP Query User{73ADB9C7-ABF9-4B1B-B767-09AE51C56A20}C:\users\yannis\appdata\local\temp\rar$exa15324.21564\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe] => (Allow) C:\users\yannis\appdata\local\temp\rar$exa15324.21564\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe => Pas de fichier
FirewallRules: [UDP Query User{73C669EF-19FC-4044-9C84-79BCDB173A68}C:\users\yannis\appdata\local\temp\rar$exa15324.21564\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe] => (Allow) C:\users\yannis\appdata\local\temp\rar$exa15324.21564\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe => Pas de fichier
FirewallRules: [TCP Query User{5164CD1D-239E-423C-BC8C-EE9FFF753EE4}C:\users\yannis\appdata\local\temp\rar$exa10888.9644\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe] => (Allow) C:\users\yannis\appdata\local\temp\rar$exa10888.9644\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe => Pas de fichier
FirewallRules: [UDP Query User{7BD4FA32-AB34-448F-913B-EF2E057027C2}C:\users\yannis\appdata\local\temp\rar$exa10888.9644\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe] => (Allow) C:\users\yannis\appdata\local\temp\rar$exa10888.9644\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe => Pas de fichier
FirewallRules: [TCP Query User{F198DDD6-6D93-4F27-835F-7B28B3808FDE}C:\users\yannis\appdata\local\temp\rar$exa10888.4060\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe] => (Allow) C:\users\yannis\appdata\local\temp\rar$exa10888.4060\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe => Pas de fichier
FirewallRules: [UDP Query User{5C6FE217-F1C5-4B41-9F5D-AB2D45E5CC51}C:\users\yannis\appdata\local\temp\rar$exa10888.4060\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe] => (Allow) C:\users\yannis\appdata\local\temp\rar$exa10888.4060\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe => Pas de fichier
FirewallRules: [TCP Query User{D2388237-5043-4A0F-8065-AACD80151C6E}C:\users\yannis\appdata\local\temp\rar$exa10888.24473\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe] => (Allow) C:\users\yannis\appdata\local\temp\rar$exa10888.24473\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe => Pas de fichier
FirewallRules: [UDP Query User{D4023905-AA93-46CE-9523-83933D8214CE}C:\users\yannis\appdata\local\temp\rar$exa10888.24473\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe] => (Allow) C:\users\yannis\appdata\local\temp\rar$exa10888.24473\among.us.v2020.9.9s+mod menu\among.us.v2020.9.9s\among us\among us.exe => Pas de fichier
FirewallRules: [{0563B81D-50EB-496B-8576-1A2A7D70F5AB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{AA4B5AE9-2A74-411D-AF55-AEAFF083D74C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{28A46569-EC61-4A61-B662-19B7528D1ECD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B17157DC-3B24-4BD9-BAFD-08C0A50BB691}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{69C568FD-0E49-475A-903E-84A53D2BA154}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A837790F-328A-4AF8-BB14-EFCBFFE3CF32}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F2A0F331-A52B-4275-82A6-8872B8621DAC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9CC31234-D3DD-4DE3-921C-48817F8CD7EB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4F47681D-345C-47C1-AFEA-6B0B65A80992}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{B608183A-DF8E-42F8-965C-AE70199D99D6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C8728391-24E3-4715-8D20-6D47EBADE327}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{58C623E7-D4B8-4D17-8F9E-C350CA3773AB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.148.625.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AEF2F776-BF98-44F8-9CBE-AF0F0664B02C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F76E88E7-CD0C-4373-94CE-25515DAAC817}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{005ED983-C364-45C8-8254-9AEF2FB73833}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5BC31E63-E855-446A-B81F-05DFB46C3BCC}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.67.99.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7481B9DE-766A-4C93-8906-962956223F82}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.13530.20316.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3B3E2F1C-0B40-485A-A7AC-93CA4635B3FF}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{B937EB45-0659-4BFA-94AA-DBA088CB54E2}] => (Allow) C:\Program Files (x86)\arcai.com\aips.exe (ARCAI -> Arcai.com)
FirewallRules: [{B2321928-1DCC-4ED6-BE8B-AA720B3F3E72}] => (Allow) C:\Program Files (x86)\arcai.com\aips.exe (ARCAI -> Arcai.com)
FirewallRules: [{BB53432C-7441-4E76-A789-687467D16E44}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B5EA2460-E652-4077-9C64-F131FB319871}] => (Allow) C:\Program Files (x86)\arcai.com\netcut_windows.exe (ARCAI -> )
FirewallRules: [{B643944A-EBDF-4353-8496-6C960AEA5135}] => (Allow) C:\Program Files (x86)\arcai.com\netcut_windows.exe (ARCAI -> )

==================== Restore Points =========================

25-12-2020 17:10:58 Point de contrôle planifié
02-01-2021 22:42:00 Point de contrôle planifié
10-01-2021 23:10:26 Installed Adaware Protect

==================== Faulty Device Manager Devices ============

Name: USB2.0 HD UVC WebCam
Description: Périphérique vidéo USB
Class Guid: {ca3e7ab9-b4c3-4ae6-8251-579ef933890f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (01/11/2021 07:41:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours.
.

Error: (01/11/2021 07:41:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.
]

Error: (01/11/2021 07:41:49 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours.
.

Error: (01/11/2021 07:41:49 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informations du service de cliché instantané de volumes : impossible de démarrer le serveur COM de CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} et de nom CEventSystem. [0x8007045b, Un arrêt système est en cours.
]

Error: (01/11/2021 07:40:49 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center n'a pas pu valider l'appelant. Erreur %1.

Error: (01/11/2021 07:37:16 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF.

Error: (01/11/2021 07:37:13 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center n'a pas pu valider l'appelant. Erreur %1.

Error: (01/11/2021 07:10:40 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center n'a pas pu valider l'appelant. Erreur %1.


System errors:
=============
Error: (01/12/2021 08:07:46 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Le miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {d6ab489f-7645-4c7d-97b1-9191c7db6884}, a eu l’événement 74

Error: (01/11/2021 07:41:46 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OVBD23JS)
Description: Le serveur {E1EFE310-E7A6-476B-89F4-46B38AB9F477} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (01/11/2021 07:10:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service atc n’a pas pu démarrer en raison de l’erreur :
Windows ne peut pas vérifier la signature numérique de ce fichier. Il est possible qu’une modification matérielle ou logicielle récente ait installé un fichier endommagé ou dont la signature est incorrecte, ou qu’il s’agisse d’un logiciel malveillant provenant d’une source inconnue.

Error: (01/11/2021 06:46:57 PM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Le pilote a détecté une erreur de pilote interne sur \Device\VBoxNetLwf.

Error: (01/11/2021 06:46:30 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OVBD23JS)
Description: Le serveur {E1EFE310-E7A6-476B-89F4-46B38AB9F477} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (01/11/2021 06:46:29 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OVBD23JS)
Description: Le serveur {E1EFE310-E7A6-476B-89F4-46B38AB9F477} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.

Error: (01/11/2021 06:30:24 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: AUTORITE NT)
Description: Le miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {d6ab489f-7645-4c7d-97b1-9191c7db6884}, a eu l’événement 74

Error: (01/11/2021 07:59:14 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-OVBD23JS)
Description: Le serveur {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} ne s’est pas enregistré sur DCOM avant la fin du temps imparti.


Windows Defender:
===================================
Date: 2021-01-11 22:47:28.3080000Z
Description:
L’analyse Antivirus Microsoft Defender a été arrêtée avant la fin.
ID de l’analyse : {92E252D4-6225-429D-893C-5923F974281A}
Type de l’analyse : Logiciel anti-programme malveillant
Paramètres de l’analyse : Analyse complète
Utilisateur : LAPTOP-OVBD23JS\yannis

Date: 2021-01-11 22:47:28.3060000Z
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:O97M/WebShell!MSR&threatid=2147756378&enterprise=0
Nom : Trojan:O97M/WebShell!MSR
ID : 2147756378
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : containerfile:_C:\Users\yannis\Downloads\kali-linux-2020.3-installer-amd64.iso; file:_C:\Users\yannis\Downloads\kali-linux-2020.3-installer-amd64.iso->pool\main\b\beef-xss\beef-xss_0.5.0.0+git20191218-0kali2_all.deb->data.tar.xz->(xz)->./usr/share/beef-xss/modules/social_engineering/edge_wscript_wsh_injection/module.rb
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Utilisateur
Utilisateur : LAPTOP-OVBD23JS\yannis
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.329.2042.0, AS: 1.329.2042.0, NIS: 1.329.2042.0
Version du moteur : AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-11 22:47:28.3040000Z
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:JS/ShellCode.gen&threatid=2147609988&enterprise=0
Nom : Exploit:JS/ShellCode.gen
ID : 2147609988
Gravité : Grave
Catégorie : Attaque
Chemin : containerfile:_C:\Users\yannis\Downloads\kali-linux-2020.3-installer-amd64.iso; file:_C:\Users\yannis\Downloads\kali-linux-2020.3-installer-amd64.iso->pool\main\b\beef-xss\beef-xss_0.5.0.0+git20191218-0kali2_all.deb->data.tar.xz->(xz)->./usr/share/beef-xss/modules/exploits/local_host/ie_ms13_069_caret/ie_ms13_069_caret.html->(SCRIPT0000)
Origine de la détection : Ordinateur local
Type de détection : Heuristiques
Source de détection : Utilisateur
Utilisateur : LAPTOP-OVBD23JS\yannis
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.329.2042.0, AS: 1.329.2042.0, NIS: 1.329.2042.0
Version du moteur : AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-11 22:47:28.3020000Z
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:JS/ShellCode.AT&threatid=2147655829&enterprise=0
Nom : Exploit:JS/ShellCode.AT
ID : 2147655829
Gravité : Grave
Catégorie : Attaque
Chemin : containerfile:_C:\Users\yannis\Downloads\kali-linux-2020.3-installer-amd64.iso; file:_C:\Users\yannis\Downloads\kali-linux-2020.3-installer-amd64.iso->pool\main\b\beef-xss\beef-xss_0.5.0.0+git20191218-0kali2_all.deb->data.tar.xz->(xz)->./usr/share/beef-xss/modules/exploits/local_host/ie_ms12_004_midi/ie_ms12_004_midi.html
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Utilisateur
Utilisateur : LAPTOP-OVBD23JS\yannis
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.329.2042.0, AS: 1.329.2042.0, NIS: 1.329.2042.0
Version du moteur : AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-11 22:47:28.3000000Z
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Exploit:Win32/ShellCode.BL&threatid=2147729581&enterprise=0
Nom : Exploit:Win32/ShellCode.BL
ID : 2147729581
Gravité : Grave
Catégorie : Attaque
Chemin : containerfile:_C:\Users\yannis\Downloads\kali-linux-2020.3-installer-amd64.iso; file:_C:\Users\yannis\Downloads\kali-linux-2020.3-installer-amd64.iso->pool\main\b\beef-xss\beef-xss_0.5.0.0+git20191218-0kali2_all.deb->data.tar.xz->(xz)->./usr/share/beef-xss/modules/exploits/beefbind/beef_bind_exploits/active_fax_beef_bind/command.js; file:_C:\Users\yannis\Downloads\kali-linux-2020.3-installer-amd64.iso->pool\main\b\beef-xss\beef-xss_0.5.0.0+git20191218-0kali2_all.deb->data.tar.xz->(xz)->./usr/share/beef-xss/modules/exploits/beefbind/beef_bind_exploits/eudora_mail_beef_bind/command.js
Origine de la détection : Ordinateur local
Type de détection : Concret
Source de détection : Utilisateur
Utilisateur : LAPTOP-OVBD23JS\yannis
Nom du processus : Unknown
Version de la veille de sécurité : AV: 1.329.2042.0, AS: 1.329.2042.0, NIS: 1.329.2042.0
Version du moteur : AM: 1.1.17700.4, NIS: 1.1.17700.4

CodeIntegrity:
===================================

Date: 2021-01-12 08:22:46.2960000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-12 08:22:46.2930000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2021-01-12 08:20:08.8810000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2021-01-12 08:20:08.8720000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2021-01-12 08:20:08.8590000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2021-01-12 08:20:08.8410000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2021-01-12 08:20:08.8300000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

Date: 2021-01-12 08:20:08.6390000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.

==================== Infos Mémoire ===========================

BIOS: American Megatrends Inc. UX430UAR.308 04/17/2019
Carte mère: ASUSTeK COMPUTER INC. UX430UAR
Processeur: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Pourcentage de mémoire utilisée: 70%
Mémoire physique - RAM - totale: 8052.79 MB
Mémoire physique - RAM - disponible: 2336.25 MB
Mémoire virtuelle totale: 15988.79 MB
Mémoire virtuelle disponible: 9475.18 MB

==================== Lecteurs ================================

Drive c: (OS) (Fixed) (Total:237.42 GB) (Free:156.8 GB) NTFS

\\?\Volume{a7ee5527-c09a-4068-ad19-abb75ba0b830}\ (RECOVERY) (Fixed) (Total:0.78 GB) (Free:0.35 GB) NTFS
\\?\Volume{26e4e028-53f3-44ca-b525-ef85e0606061}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Table des partitions ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 75595048)

Partition: GPT.

==================== Fin de Addition.txt =======================